Failures of Gallery locking apps. Why? How?, etc.

Ok. First of all, I hardly trust such software available at Playstore. Not many, at least. Why?

Here is a list to go,

1. Most of these softwares never tell you about the method and key they use for encrypting and decrypting your data. e.g. AES128, Blowfish etc.
2. They don’t let you choose the encryption key or see it or even let you backup that key.
3. Most of these even forget to mention that you may lose your data. Some does that; e.g. Secure gallery does tell that but now I know that this is just a gimmick. Why? Read here.
4. No thought process is ever put to recovery portion. Users are just bunch of Dollars, you know!
5. Not all apps support every type of partition and disk types.
6. Many of these just may fail even if you removed the memory card or reboot the phone. Hey… They say it themselves, I don’t! Have devs never heard of ‘permissions’?
7. As usual, In-app purchases make scenario worse. You need to spend to get more features like hidden mode etc. Yuck! This money could have been put for extended support.
8. No uninstall protection. No unlocking or decrypting warning before uninstallation.
9. Some actually do nothing than putting .nomedia or renaming files.
10. And finally No support. Mail them if you don’t believe me.

Hey… Where is that classic example?

So, one of my friend installed this software and was telling me that how cool and secure it is. He was flashing his or say app’s – dial to enter hidden app feature. I swear as a security admin, I saw it. I told him, take a backup. He said, not required and I said you will lose your data and he said we will see. And here we are.

If these softwares are so good, how come they just stop functioning some day? Like this may be,

1. He installed the software Secure Gallery (Pic/Video) and then locked a folder full of pics.
2. Then he put on a PIN needed to unlock this folder. Wow…
3. Then activated the hidden mode which needed to dial something like #0000 from dialer. Worked like charm.

However, did anyone of you asked developer that what if you or your phone manages start-up apps in a different and individual way? Nope. Right? For example MIUIs and Emoticon Huawei phones.

Next time he restarted the phone, may be just out of boredom. Phone restricted the app and it didn’t fire up at boot, leading your magic dial number to be just, well a dial number. And, you are lost as the app will not start from any other manager or Playstore Run app button. Well you needed security.

This tells that the permissions were handled very poorly. User may just remove SD card or restart the phone and it stops working. This is insane when users are trusting an app with all their data.

What you can do?

1. Always try an app on test data.
2. Fully purchased app is much better than In-app purchases (IAP).
3. Don’t go for illegal apps. You will never know what data is being transmitted from your phone to the cracker of app; unless you are a coder or programmer.
4. Test it by removing SD card and re-inserting it.
5. If like me, you have different partitions on your memory card with different partition type then test them also by putting test folders and files.
6. Check that the app actually encrypts and just not rename or put on a .nomedia file (provided you want actual security)
7. Check with a windows photo editing software that, is there any quality loss in encrypting and decrypting.
8. Any such app should automatically run at startup / reboot of your phone. Or everything will fail.
9. App permissions along with start-up thing. Most of these app should not have access to phonebook, messages, camera etc.
10. Make sure that there is a way out for recovering your data.
11. Support is very important in such apps if you get stuck somewhere. Look for level of support available.

I hope it will help you all. Let me know if something can be added to this list.

3 Comments

Kartik

January 15, 2015 at 6:49 am

There are hundreds low quality software on playstore which ruins your data. Folder lock and one more I don’t remember, ruined and lost all my 1K+ pics. They are bad to use and to be tested. Thank you for guide. I completely agree why they fail and how we should make sure they are good one before using them on real data.